fastnetmon does exactly what you’re looking for. https://fastnetmon.com/ <https://fastnetmon.com/> there is also an open source version https://github.com/pavel-odintsov/fastnetmon <https://github.com/pavel-odintsov/fastnetmon>
my best —vicente > On Aug 30, 2018, at 12:52 PM, Aaron Gould <[email protected]> wrote: > > Hi, does anyone know how to use flow data to trigger a rtbh (remotely > triggered blackhole) route using bgp ? …I’m thinking we could use quagga or > a script of some sort to interact with a router to advertise to bgp the /32 > host route of the victim under attack. > > Btw, I already have nfsen running and we receive real-time alters of various > types of attacks, high volume, high ports, etc… and then we telnet into a > cisco trigger router and drop a few lines of code into it and then bgp does > the rest within seconds, the upstream providers learn of this route via > communities and they rtbh it in their cloud, BUT, I would like my alerts to > do this automatically… that would be very nice. Any guidance would be > appreciated. > > -Aaron
